Equation Group (link roundup)
Background: Russian Researchers Expose Breakthrough U.S. Spying Program – Reuters
Additional Detail: How ‘Omnipotent’ Hackers Tied to NSA Hid for 14 Years and Were Found at Last – ArsTechnica
The Kaspersky Report that started it all: “Equation Group: Questions and Answers” (pdf – 44 pages)
Additional Links: The Equation Group’s Sophisticated Hacking and Exploitation Tools – Bruce Schneier at LawFare:
“This is targeted surveillance. There’s nothing here that implies the NSA is doing this sort of thing to every computer, router, or hard drive. It’s doing it only to networks it wants to monitor . . . On one hand, it’s the sort of thing we want the NSA to do. It’s targeted. It’s exploiting existing vulnerabilities. In the overall scheme of things, this is much less disruptive to Internet security than deliberately inserting vulnerabilities that leave everyone insecure. On the other hand, the NSA’s definition of ‘targeted’ can be pretty broad . . . On the other other hand — can I even have three hands? — I remember a line from my latest book: ‘Today’s top-secret programs become tomorrow’s PhD theses and the next day’s hacker tools.’ . . . We need to figure out how to maintain security in the face of these sorts of attacks, because we’re all going to be subjected to the criminal versions of them in three to five years. That’s the real problem.”
The entire (not-too-lengthy) post by Schneier at LawFare is worth a read.
Surprise: America Already Has a Manhattan Project for Developing Cyber Attacks – Kevin Poulsen in Wired